Risk has always been an integral part of business, but as I’ve noted, companies deal with risk with varying degrees of effectiveness. A complex, ongoing process, operational risk management identifies risks to support successful operations of an organization, estimates the monetary and other measurable impacts if a risk event occurs, establishes methods for mitigating the severity of impacts should they occur, continuously measures the probability of a risk occurring within a relevant period of time, periodically reports on the risk environment to appropriate decision-makers and alerts executives and managers when risk thresholds are crossed. These important activities should make operational risk management of greater interest to executives in today’s volatile business environment.
Topics: Big Data, Performance Management, Sales Performance, Governance, GRC, Reporting, balanced scorecard, enterprise risk management, key risk indicators, KRI, risk and compliance, risk measurement, Operational Performance, Business Analytics, Business Performance, Financial Performance, In-memory, Risk, operational risk management
Risk has always been an integral part of business, but dealing effectively with risk is a progression. Indeed, history shows businesses adapting and coping better with risk through innovation. The importance of using information technology to manage risk is growing because today’s systems can automatically measure and analyze a much broader set of risk factors than individuals can, and do so more reliably. But a key challenge companies face in implementing enterprise risk management is developing a process for defining and measuring risk.
Topics: Sales Performance, Governance, GRC, Reporting, balanced scorecard, enterprise risk management, key risk indicators, KRI, risk and compliance, risk measurement, Operational Performance, Business Analytics, Business Performance, Financial Performance, Risk
My colleague Mark Smith and I have frequently commented on the artificiality of the emerging software category governance, risk and compliance (GRC). To be sure, once stand-alone categories of software (IT governance, audit documentation and industry-specific compliance management, to name three examples) have started what I expect to be a long convergence process. Moreover, since just about all controls and risk management efforts require a secure IT environment to be effective, there is a growing interdependence between effective IT governance and everything else connected with enterprise GRC.
Topics: Governance, GRC, enterprise risk management, ERM, risk metrics, vendor selection, Operational Performance, Business Performance, Financial Performance, compliance, Risk, risk management, controls, IT governance